Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual page 32

Chapter 1. Overview
certificate content. The default certificate profiles can be modified and new custom modules created.
See Chapter 13, Certificate Profiles for details.
If the policies in the certificate profile are not met, the request is rejected. If they are met, the certificate
is issued.
1.2.2.4. Creating Certificates
The Certificate Manager issues certificates when it receives signed requests either from agents (users
who are assigned privileges to approve enrollment and revocation requests) or from a third-party
application that is set up for CMC enroll with the Certificate Manager.
The Certificate Manager creates the certificate using the information in the request and in the
certificate profile that is set.
1.2.2.5. Publishing Certificates
Certificates can be published to a file, an LDAP directory, or an OCSP responder. Configuring publishing
sets rules to determine which certificates are published using which method and where they are
published. See Chapter 15, Publishing for details.
1.2.2.6. Key Archival
If a CA is configured with a DRM, then the private keys are archived in the DRM during certificate
enrollment. See Chapter 7, Data Recovery Manager for details.
1.2.2.7. Storing Certificate Requests and Certificates
When it issues a certificate, the Certificate Manager stores both the certificate and the certificate
request in its internal database.
1.2.2.8. Revoking Certificates
End entities can submit certificate revocation requests in the end-entities page if they lose their private
key or if their certificate has been compromised. When an end entity requests a revocation, the
request is sent to the agent services interface for agent approval.
An agent can revoke a certificate if the owner of the certificate is unwilling or unable to do so.
When the certificate is revoked, it is marked revoked in the internal database and in the publishing
system. The certificate is added to the certificate revocation list (CRL) produced by the Certificate
Manager. See Chapter 14, Revocation and CRLs for details.
1.2.2.9. CRLs
Whenever a certificate is revoked, any CRLs that are set up are edited and updated in the internal
database. Each CRL is published to a file, an LDAP directory, or an OCSP responder, if these services have
been set up. The CA can be configured to issue CRLs and define CRL issuing points that define which
certificates go into each CRL.
CRL configuration grants flexibility to define which CRL is published where, the extensions contained
in a CRL, and the frequency and intervals at which a CRL is published. Publishing delta CRLs
publishes a list of only those certificates that have been revoked since a certain date. See
Chapter 14, Revocation and CRLs for details.
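A simplified model of the issuing-point and delta-CRL behaviour described above, added here as an illustration and not taken from the Certificate System code base. The record fields, issuing-point names and dates are constructed, and revocations are tracked as plain serial-number sets rather than signed X.509 CRLs.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Revocation:
    serial: int
    revoked_at: datetime
    is_ca_cert: bool  # constructed attribute used by the sample issuing points

# Constructed sample of the CA's internal revocation records.
RECORDS = [
    Revocation(0x1001, datetime(2024, 1, 5), False),
    Revocation(0x1002, datetime(2024, 2, 10), False),
    Revocation(0x0002, datetime(2024, 2, 20), True),
    Revocation(0x1003, datetime(2024, 3, 1), False),
]

# Hypothetical issuing points: each one decides which certificates go into its CRL.
ISSUING_POINTS = {
    "MasterCRL": lambda r: True,
    "CACertsOnly": lambda r: r.is_ca_cert,
}

def full_crl(point, as_of):
    """Serials of every matching certificate revoked up to `as_of`."""
    keep = ISSUING_POINTS[point]
    return {r.serial for r in RECORDS if keep(r) and r.revoked_at <= as_of}

def delta_crl(point, base_time, as_of):
    """Serials of matching certificates revoked after the base CRL was issued."""
    keep = ISSUING_POINTS[point]
    return {r.serial for r in RECORDS
            if keep(r) and base_time < r.revoked_at <= as_of}

def is_revoked(serial, base, delta):
    """A relying party must consult the base CRL and the delta together."""
    return serial in base or serial in delta

if __name__ == "__main__":
    base_time, now = datetime(2024, 2, 15), datetime(2024, 3, 2)
    base = full_crl("MasterCRL", base_time)
    delta = delta_crl("MasterCRL", base_time, now)
    print("base :", sorted(hex(s) for s in base))
    print("delta:", sorted(hex(s) for s in delta))
    # 0x1003 was revoked after the base was issued, so only the delta lists it.
    print("0x1003 revoked?", is_revoked(0x1003, base, delta))
```

A client that caches only the base CRL keeps treating serial 0x1003 as valid until the next full CRL is published, which is why the delta has to be fetched and merged with the base it extends.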